| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Search.Safefinder.com - Bekomme ich nicht weg.Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
02.04.2015, 08:35
| #1 |
 |  Search.Safefinder.com - Bekomme ich nicht weg. Hallo, jedesmal wenn ich mein Firefox starte, lande ich auf der Seite search . Safefinder .com obwohl ich eine ganz andere Startseite festgelegt habe. Die Anleitungen aus diesem Thread waren leider erfolglos. http://www.trojaner-board.de/150065-...entfernen.html Vielleicht weiß ja jemand noch eine Lösung? Hier noch ein paar "Daten" Code:
ATTFilter defogger_disable by jpshortstuff (23.02.10.1)
Log created at 08:28 on 02/04/2015 (Stefsl)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
-=E.O.F=-
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015 Ran by Stefsl (administrator) on WS-1974 on 02-04-2015 08:29:42 Running from C:\Users\Stefsl\Desktop Loaded Profiles: Stefsl (Available profiles: Stefsl) Platform: Windows 8 Pro (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 10 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe () C:\Users\Stefsl\AppData\Local\CopyEditor\CopyEditor.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.17074_none_6233bc1f5106b696\TiWorker.exe (Microsoft Corporation) C:\Windows\System32\LogonUI.exe () C:\Users\Stefsl\AppData\Local\CopyEditor\CopyEditor_run.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2804976 2013-10-25] (Synaptics Incorporated) HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2013-11-07] (IDT, Inc.) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [704512 2015-03-17] (Avira Operations GmbH & Co. KG) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-3556418851-3596716294-175366706-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7451928 2015-03-13] (Piriform Ltd) AppInit_DLLs: C:\Users\Stefsl\AppData\Local\CopyEditor\rgbh\pxwpujwi.dll => C:\Users\Stefsl\AppData\Local\CopyEditor\rgbh\pxwpujwi.dll [254560 2015-03-26] (TODO: <Company name>) AppInit_DLLs-x32: C:\Users\Stefsl\AppData\Local\CopyEditor\rgbh\limmt.dll => C:\Users\Stefsl\AppData\Local\CopyEditor\rgbh\limmt.dll [127280 2015-03-26] (TODO: <Company name>) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled. ProxyServer: [.DEFAULT] => http=127.0.0.1:49530;https=127.0.0.1:49530 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?PC=AV01 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\S-1-5-21-3556418851-3596716294-175366706-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01 HKU\S-1-5-21-3556418851-3596716294-175366706-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?PC=AV01 HKU\S-1-5-21-3556418851-3596716294-175366706-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp HKU\S-1-5-21-3556418851-3596716294-175366706-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.msn.com/?PC=AV01 SearchScopes: HKLM-x32 -> DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01 SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01 SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-3556418851-3596716294-175366706-1001 -> DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01 SearchScopes: HKU\S-1-5-21-3556418851-3596716294-175366706-1001 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01 Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\Stefsl\AppData\Roaming\Mozilla\Firefox\Profiles\sw1t76oo.default-1427629716115 FF DefaultSearchUrl: https://de.search.yahoo.com/yhs/search FF SearchEngineOrder.1: Yahoo! (Avast) FF SelectedSearchEngine: Yahoo! (Avast) FF Homepage: https://de.yahoo.com/?fr=hp-avast&type=avastbcl FF Keyword.URL: https://de.search.yahoo.com/yhs/search FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_134.dll [2015-03-29] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-03-29] () FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation) FF SearchPlugin: C:\Users\Stefsl\AppData\Roaming\Mozilla\Firefox\Profiles\sw1t76oo.default-1427629716115\searchplugins\yahoo-avast.xml [2015-04-01] FF Extension: Old Location Bar - C:\Users\Stefsl\AppData\Roaming\Mozilla\Firefox\Profiles\sw1t76oo.default-1427629716115\Extensions\{3205B348-523A-4fac-9BC4-9939CBF583B0}.xpi [2015-03-29] FF Extension: Adblock Plus - C:\Users\Stefsl\AppData\Roaming\Mozilla\Firefox\Profiles\sw1t76oo.default-1427629716115\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-03-29] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [432888 2015-03-17] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [432888 2015-03-17] (Avira Operations GmbH & Co. KG) R2 CopyEditor; C:\Users\Stefsl\AppData\Local\CopyEditor\CopyEditor.exe [85504 2015-03-12] () [File not signed] R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-03-17] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation) R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [340480 2013-11-07] (IDT, Inc.) [File not signed] S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16024 2015-01-31] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128536 2015-03-17] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [132120 2015-03-17] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2015-03-17] (Avira Operations GmbH & Co. KG) R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation) S0 iaStorS; C:\Windows\System32\drivers\iaStorS.sys [651736 2012-11-03] (Intel Corporation) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-04-02] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-03-17] (Malwarebytes Corporation) S0 megasas2; C:\Windows\System32\drivers\megasas2.sys [53552 2012-10-02] (LSI Corporation) R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-06-27] (Hewlett-Packard Development Company, L.P.) R4 GUBootStartup; \??\C:\Windows\System32\drivers\GUBootStartup.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-04-02 08:29 - 2015-04-02 08:29 - 00009611 _____ () C:\Users\Stefsl\Desktop\FRST.txt 2015-04-02 08:29 - 2015-04-02 08:29 - 00000000 ____D () C:\FRST 2015-04-02 08:28 - 2015-04-02 08:29 - 02095616 _____ (Farbar) C:\Users\Stefsl\Desktop\FRST64.exe 2015-04-02 08:28 - 2015-04-02 08:28 - 00000474 _____ () C:\Users\Stefsl\Desktop\defogger_disable.log 2015-04-02 08:28 - 2015-04-02 08:28 - 00000000 _____ () C:\Users\Stefsl\defogger_reenable 2015-04-02 08:17 - 2015-04-02 08:17 - 00000117 _____ () C:\Windows\system32\netcfg-78837906.txt 2015-04-02 08:17 - 2015-04-02 08:17 - 00000117 _____ () C:\Windows\system32\netcfg-78835671.txt 2015-04-02 08:14 - 2015-04-02 08:14 - 00000117 _____ () C:\Windows\system32\netcfg-78646062.txt 2015-04-02 08:14 - 2015-04-02 08:14 - 00000117 _____ () C:\Windows\system32\netcfg-78638140.txt 2015-04-02 08:12 - 2015-04-02 08:12 - 00000117 _____ () C:\Windows\system32\netcfg-78517296.txt 2015-04-02 08:12 - 2015-04-02 08:12 - 00000117 _____ () C:\Windows\system32\netcfg-78516281.txt 2015-04-01 10:24 - 2015-04-01 10:24 - 00000117 _____ () C:\Windows\system32\netcfg-56031.txt 2015-04-01 10:23 - 2015-04-01 10:23 - 00000117 _____ () C:\Windows\system32\netcfg-1587359.txt 2015-04-01 10:06 - 2015-04-02 08:14 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-04-01 10:06 - 2015-04-01 10:06 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-04-01 10:06 - 2015-04-01 10:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-04-01 10:06 - 2015-04-01 10:06 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-04-01 10:06 - 2015-03-17 06:15 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-04-01 10:06 - 2015-03-17 06:15 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-04-01 10:06 - 2015-03-17 06:15 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2015-04-01 10:05 - 2015-04-01 10:05 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\Stefsl\Desktop\mbam-setup-2.1.4.1018.exe 2015-04-01 10:03 - 2015-04-01 10:03 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\Stefsl\Downloads\mbam-setup-2.1.4.1018.exe 2015-04-01 10:00 - 2015-04-01 10:00 - 00000117 _____ () C:\Windows\system32\netcfg-231421.txt 2015-04-01 09:50 - 2015-04-01 09:50 - 00000092 _____ () C:\Windows\system32\netcfg-4701953.txt 2015-04-01 09:48 - 2015-04-01 09:48 - 00259584 _____ (OldTimer Tools) C:\Users\Stefsl\Desktop\OTH.scr 2015-04-01 09:29 - 2015-04-02 08:17 - 00000000 ____D () C:\Users\Stefsl\AppData\Roaming\GlarySoft 2015-04-01 09:29 - 2015-04-02 08:16 - 00000000 ____D () C:\Program Files (x86)\Glarysoft 2015-04-01 09:29 - 2015-04-01 09:29 - 00001545 _____ () C:\GUDownLoaddebug.txt 2015-04-01 09:29 - 2015-04-01 09:29 - 00000000 ____D () C:\Users\Stefsl\AppData\Roaming\DiskDefrag 2015-04-01 09:27 - 2015-04-01 09:27 - 00000117 _____ () C:\Windows\system32\netcfg-3327250.txt 2015-04-01 08:42 - 2015-04-01 08:42 - 00000117 _____ () C:\Windows\system32\netcfg-616718.txt 2015-04-01 08:39 - 2015-04-01 08:39 - 00000117 _____ () C:\Windows\system32\netcfg-421828.txt 2015-04-01 08:38 - 2015-04-01 08:38 - 00000117 _____ () C:\Windows\system32\netcfg-369031.txt 2015-04-01 08:38 - 2015-04-01 08:38 - 00000000 ____D () C:\Program Files (x86)\ESET 2015-04-01 08:33 - 2015-04-01 08:33 - 00000117 _____ () C:\Windows\system32\netcfg-61281.txt 2015-04-01 08:31 - 2015-04-01 08:31 - 00000117 _____ () C:\Windows\system32\netcfg-1009984.txt 2015-04-01 08:26 - 2015-04-01 08:26 - 00001756 _____ () C:\sc-cleaner.txt 2015-04-01 08:18 - 2015-04-01 08:18 - 00000117 _____ () C:\Windows\system32\netcfg-222281.txt 2015-04-01 08:16 - 2015-04-01 08:16 - 00000117 _____ () C:\Windows\system32\netcfg-100843.txt 2015-04-01 08:12 - 2015-04-01 08:12 - 00000117 _____ () C:\Windows\system32\netcfg-112875.txt 2015-04-01 08:12 - 2015-04-01 08:12 - 00000117 _____ () C:\Windows\system32\netcfg-112250.txt 2015-04-01 07:54 - 2015-04-01 07:52 - 00043576 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys 2015-04-01 07:51 - 2015-04-01 07:51 - 00000117 _____ () C:\Windows\system32\netcfg-72103562.txt 2015-04-01 07:51 - 2015-04-01 07:51 - 00000000 ____D () C:\Users\Stefsl\AppData\Roaming\Avira 2015-04-01 07:50 - 2015-04-01 07:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2015-04-01 07:49 - 2015-04-01 07:49 - 00000000 ____D () C:\ProgramData\Avira 2015-04-01 07:49 - 2015-04-01 07:49 - 00000000 ____D () C:\Program Files (x86)\Avira 2015-04-01 07:49 - 2015-03-17 13:01 - 00132120 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2015-04-01 07:49 - 2015-03-17 13:01 - 00128536 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2015-04-01 07:49 - 2015-03-17 13:01 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys 2015-03-31 11:50 - 2015-03-31 11:50 - 00281784 _____ () C:\Windows\system32\FNTCACHE.DAT 2015-03-31 11:48 - 2015-03-31 11:48 - 00000136 _____ () C:\Windows\system32\netcfg-135234.txt 2015-03-31 11:48 - 2015-03-31 11:48 - 00000134 _____ () C:\Windows\system32\netcfg-135093.txt 2015-03-31 11:48 - 2015-03-31 11:48 - 00000134 _____ () C:\Windows\system32\netcfg-134171.txt 2015-03-31 10:35 - 2014-06-11 00:44 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe 2015-03-31 10:35 - 2014-06-11 00:43 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe 2015-03-31 10:29 - 2015-04-01 10:23 - 00157700 _____ () C:\Windows\PFRO.log 2015-03-31 10:28 - 2015-03-31 10:28 - 00000117 _____ () C:\Windows\system32\netcfg-139651953.txt 2015-03-31 10:27 - 2015-03-31 10:27 - 00198508 _____ () C:\Users\Stefsl\Documents\cc_20150331_102713.reg 2015-03-31 10:25 - 2015-03-31 10:25 - 00002790 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC 2015-03-31 10:25 - 2015-03-31 10:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2015-03-31 10:25 - 2015-03-31 10:25 - 00000000 ____D () C:\Program Files\CCleaner 2015-03-31 10:16 - 2015-03-31 10:16 - 00000117 _____ () C:\Windows\system32\netcfg-138955593.txt 2015-03-31 10:16 - 2015-03-31 10:16 - 00000117 _____ () C:\Windows\system32\netcfg-138955546.txt 2015-03-31 10:16 - 2013-07-02 03:41 - 00447320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS 2015-03-31 10:16 - 2013-07-02 03:41 - 00337752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS 2015-03-31 10:16 - 2013-07-02 03:41 - 00213336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UCX01000.SYS 2015-03-31 10:16 - 2013-04-12 00:30 - 01421312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2015-03-31 10:16 - 2013-04-12 00:22 - 01838080 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2015-03-31 10:15 - 2015-01-24 08:43 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll 2015-03-31 10:15 - 2015-01-24 07:00 - 00368640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll 2015-03-31 10:15 - 2014-01-13 01:30 - 02238976 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2015-03-31 10:15 - 2014-01-13 01:30 - 02032640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll 2015-03-31 10:15 - 2013-11-20 02:15 - 03842560 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll 2015-03-31 10:15 - 2013-11-20 01:57 - 03288576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll 2015-03-31 10:15 - 2012-11-10 06:23 - 00132608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe 2015-03-31 10:15 - 2012-11-10 06:22 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\RDWebAI.dll 2015-03-31 10:15 - 2012-11-10 06:22 - 00122880 _____ (Microsoft Corporation) C:\Windows\system32\VmHostAI.dll 2015-03-31 10:15 - 2012-11-10 06:20 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\appserverai.dll 2015-03-31 10:15 - 2012-11-03 07:26 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\dpnsvr.exe 2015-03-31 10:15 - 2012-11-03 07:26 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnsvr.exe 2015-03-31 10:15 - 2012-11-03 07:24 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll 2015-03-31 10:15 - 2012-11-03 07:24 - 00375808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll 2015-03-31 10:15 - 2012-11-03 07:24 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\dpnathlp.dll 2015-03-31 10:15 - 2012-11-03 07:24 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnathlp.dll 2015-03-31 10:15 - 2012-11-03 07:24 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\dpnhupnp.dll 2015-03-31 10:15 - 2012-11-03 07:24 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\dpnhpast.dll 2015-03-31 10:15 - 2012-11-03 07:24 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnhupnp.dll 2015-03-31 10:15 - 2012-11-03 07:24 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnhpast.dll 2015-03-31 10:15 - 2012-11-03 07:04 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dpnlobby.dll 2015-03-31 10:15 - 2012-11-03 07:04 - 00003584 _____ (Microsoft Corporation) C:\Windows\system32\dpnaddr.dll 2015-03-31 10:15 - 2012-11-03 07:00 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnlobby.dll 2015-03-31 10:15 - 2012-11-03 07:00 - 00002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnaddr.dll 2015-03-31 10:10 - 2015-03-31 10:10 - 00000117 _____ () C:\Windows\system32\netcfg-138577390.txt 2015-03-31 09:55 - 2014-12-18 08:52 - 01043968 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll 2015-03-31 09:55 - 2014-12-18 08:51 - 01282560 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-03-31 09:55 - 2014-12-18 08:20 - 00961536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll 2015-03-31 09:55 - 2014-12-18 06:47 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2015-03-31 09:55 - 2014-12-18 06:15 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2015-03-31 09:55 - 2014-12-10 01:14 - 00569720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2015-03-31 09:55 - 2014-11-08 13:21 - 00827904 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-03-31 09:55 - 2014-11-08 08:56 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2015-03-31 09:55 - 2014-10-11 10:35 - 00171840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-03-31 09:55 - 2014-10-11 07:41 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-03-31 09:55 - 2014-10-11 07:05 - 00146944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2015-03-31 09:55 - 2014-08-22 01:56 - 01418752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2015-03-31 09:55 - 2014-08-22 01:27 - 01845760 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2015-03-31 09:55 - 2014-05-30 01:02 - 00439808 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll 2015-03-31 09:55 - 2014-04-12 11:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe 2015-03-31 09:55 - 2014-04-12 11:09 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2015-03-31 09:55 - 2014-04-12 11:09 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2015-03-31 09:55 - 2014-04-12 11:08 - 00318464 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2015-03-31 09:55 - 2014-04-12 11:07 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2015-03-31 09:55 - 2014-04-12 09:23 - 00273920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2015-03-31 09:55 - 2014-04-12 09:23 - 00178688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2015-03-31 09:55 - 2014-04-12 09:23 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2015-03-31 09:55 - 2014-04-12 09:22 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2015-03-31 09:55 - 2014-04-12 08:58 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\workerdd.dll 2015-03-31 09:55 - 2012-11-01 06:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2015-03-31 09:55 - 2012-11-01 06:20 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2015-03-30 19:06 - 2015-03-30 19:06 - 00000117 _____ () C:\Windows\system32\netcfg-84384453.txt 2015-03-30 19:06 - 2015-03-30 19:06 - 00000117 _____ () C:\Windows\system32\netcfg-84377796.txt 2015-03-30 19:06 - 2015-03-30 19:06 - 00000117 _____ () C:\Windows\system32\netcfg-84377218.txt 2015-03-29 19:41 - 2015-03-29 19:41 - 00000117 _____ () C:\Windows\system32\netcfg-35046.txt 2015-03-29 19:40 - 2015-03-29 19:40 - 00000117 _____ () C:\Windows\system32\netcfg-2841765.txt 2015-03-29 19:36 - 2015-04-01 08:31 - 00000000 ____D () C:\AdwCleaner 2015-03-29 19:31 - 2015-01-15 23:45 - 06973248 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-03-29 19:15 - 2015-03-29 19:15 - 00000000 ____D () C:\Users\Stefsl\AppData\Local\Macromedia 2015-03-29 19:04 - 2015-03-29 19:12 - 00000000 ____D () C:\ProgramData\PRICache 2015-03-29 19:00 - 2015-03-29 19:01 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection 2015-03-29 18:56 - 2015-03-29 18:56 - 00000117 _____ () C:\Windows\system32\netcfg-191750.txt 2015-03-29 18:55 - 2015-03-29 18:55 - 00000117 _____ () C:\Windows\system32\netcfg-171000.txt 2015-03-29 18:55 - 2015-03-29 18:55 - 00000000 ____D () C:\Users\Stefsl\AppData\Local\Power2Go8 2015-03-29 18:54 - 2015-03-29 18:54 - 00000117 _____ () C:\Windows\system32\netcfg-78359.txt 2015-03-29 18:54 - 2015-03-29 18:54 - 00000117 _____ () C:\Windows\system32\netcfg-75265.txt 2015-03-29 18:50 - 2015-03-29 18:56 - 00000000 ____D () C:\ProgramData\HPQLOG 2015-03-29 18:49 - 2015-03-29 18:59 - 00000000 ____D () C:\Program Files\Hewlett-Packard 2015-03-29 18:45 - 2015-03-29 18:45 - 00000000 ____D () C:\Users\Public\CyberLink 2015-03-29 18:45 - 2015-03-29 18:45 - 00000000 ____D () C:\ProgramData\CyberLink 2015-03-29 18:44 - 2015-03-31 10:09 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools 2015-03-29 18:43 - 2015-03-31 10:09 - 00000000 ____D () C:\Program Files (x86)\CyberLink 2015-03-29 18:43 - 2015-03-29 18:45 - 00000000 ____D () C:\ProgramData\install_clap 2015-03-29 18:43 - 2015-03-29 18:43 - 00000000 ____D () C:\ProgramData\Temp 2015-03-29 18:32 - 2015-03-31 10:33 - 00000000 ____D () C:\ProgramData\Package Cache 2015-03-29 18:29 - 2015-04-01 10:06 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-03-29 18:29 - 2015-03-29 18:29 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-03-29 18:28 - 2015-03-29 18:29 - 00000000 ____D () C:\Users\Stefsl\AppData\Local\Adobe 2015-03-29 18:25 - 2015-03-29 18:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2015-03-29 18:25 - 2015-03-29 18:25 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2015-03-29 18:25 - 2015-03-29 18:25 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight 2015-03-29 18:22 - 2015-03-29 18:22 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2015-03-29 18:22 - 2015-03-29 18:22 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2015-03-29 18:22 - 2015-03-29 18:22 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2015-03-29 18:20 - 2015-03-29 18:20 - 00000000 ____D () C:\Windows\system32\appmgmt 2015-03-29 18:17 - 2015-03-29 18:17 - 00002098 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk 2015-03-29 18:17 - 2015-03-29 18:17 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird 2015-03-29 18:08 - 2012-08-31 02:53 - 00017888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100_clr0400.dll 2015-03-29 18:08 - 2012-08-31 02:52 - 00017888 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100_clr0400.dll 2015-03-29 18:00 - 2014-08-01 01:40 - 01287680 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll 2015-03-29 17:58 - 2015-03-29 18:48 - 00000000 ____D () C:\Users\Stefsl\AppData\Roaming\Hewlett-Packard 2015-03-29 17:58 - 2015-02-23 12:52 - 02237952 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-03-29 17:58 - 2015-02-23 12:52 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-03-29 17:58 - 2015-02-23 12:51 - 01409024 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-03-29 17:58 - 2015-02-23 12:51 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll 2015-03-29 17:58 - 2015-02-23 12:51 - 00600576 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-03-29 17:58 - 2015-02-23 12:51 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-03-29 17:58 - 2015-02-23 12:51 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll 2015-03-29 17:58 - 2015-02-23 12:50 - 19301888 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-03-29 17:58 - 2015-02-23 12:50 - 15410688 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-03-29 17:58 - 2015-02-23 12:50 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-03-29 17:58 - 2015-02-23 12:50 - 02656256 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-03-29 17:58 - 2015-02-23 12:50 - 00949760 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2015-03-29 17:58 - 2015-02-23 12:50 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-03-29 17:58 - 2015-02-23 12:50 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-03-29 17:58 - 2015-02-23 12:50 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-03-29 17:58 - 2015-02-23 12:50 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-03-29 17:58 - 2015-02-23 12:50 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-03-29 17:58 - 2015-02-23 12:50 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2015-03-29 17:58 - 2015-02-23 12:50 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-03-29 17:58 - 2015-02-23 12:50 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-03-29 17:58 - 2015-02-23 12:50 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-03-29 17:58 - 2015-02-23 12:50 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-03-29 17:58 - 2015-02-23 12:49 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-03-29 17:58 - 2015-02-23 11:17 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-03-29 17:58 - 2015-02-23 11:15 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll 2015-03-29 17:58 - 2015-02-23 10:51 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-03-29 17:58 - 2015-02-21 07:31 - 01763328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-03-29 17:58 - 2015-02-21 07:31 - 01181696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-03-29 17:58 - 2015-02-21 07:31 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-03-29 17:58 - 2015-02-21 07:31 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll 2015-03-29 17:58 - 2015-02-21 07:30 - 14380544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-03-29 17:58 - 2015-02-21 07:30 - 13768704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-03-29 17:58 - 2015-02-21 07:30 - 02864640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-03-29 17:58 - 2015-02-21 07:30 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-03-29 17:58 - 2015-02-21 07:30 - 00737280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2015-03-29 17:58 - 2015-02-21 07:30 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-03-29 17:58 - 2015-02-21 07:30 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-03-29 17:58 - 2015-02-21 07:30 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-03-29 17:58 - 2015-02-21 07:30 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2015-03-29 17:58 - 2015-02-21 07:30 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2015-03-29 17:58 - 2015-02-21 07:30 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-03-29 17:58 - 2015-02-21 07:30 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2015-03-29 17:58 - 2015-02-21 07:30 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2015-03-29 17:58 - 2015-02-21 07:30 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2015-03-29 17:58 - 2015-02-21 07:29 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-03-29 17:58 - 2015-02-21 07:29 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2015-03-29 17:58 - 2015-02-21 07:29 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-03-29 17:58 - 2015-02-21 07:09 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2015-03-29 17:58 - 2015-02-21 07:07 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll 2015-03-29 17:58 - 2015-02-21 06:42 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2015-03-29 17:58 - 2015-02-21 05:00 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll 2015-03-29 17:57 - 2015-03-29 17:57 - 00000000 ____D () C:\Windows\System32\Tasks\Hewlett-Packard 2015-03-29 17:57 - 2014-06-13 03:57 - 01453400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2015-03-29 17:57 - 2014-06-13 03:55 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll 2015-03-29 17:57 - 2014-04-19 11:39 - 00628024 _____ (Microsoft Corporation) C:\Windows\system32\NotificationUI.exe 2015-03-29 17:57 - 2014-04-19 10:45 - 00693760 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll 2015-03-29 17:57 - 2014-04-19 10:45 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2015-03-29 17:57 - 2014-04-19 08:57 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll 2015-03-29 17:57 - 2014-04-19 08:57 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2015-03-29 17:57 - 2014-01-31 02:48 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll 2015-03-29 17:57 - 2013-08-16 07:22 - 04917760 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe 2015-03-29 17:57 - 2013-01-10 03:40 - 00303848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys 2015-03-29 17:57 - 2012-10-10 09:04 - 00094208 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll 2015-03-29 17:57 - 2012-10-10 08:31 - 00072192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll 2015-03-29 17:56 - 2014-09-03 04:48 - 00510464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll 2015-03-29 17:56 - 2014-09-03 04:21 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll 2015-03-29 17:56 - 2013-08-16 07:41 - 00058200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dam.sys 2015-03-29 17:56 - 2013-08-16 07:39 - 02371728 _____ (Microsoft Corporation) C:\Windows\system32\WSService.dll 2015-03-29 17:56 - 2013-08-16 07:21 - 01164288 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll 2015-03-29 17:56 - 2013-08-16 07:21 - 00368640 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll 2015-03-29 17:56 - 2013-08-16 07:21 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\WSClient.dll 2015-03-29 17:56 - 2013-08-16 07:21 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll 2015-03-29 17:56 - 2013-08-16 07:21 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\WSSync.dll 2015-03-29 17:56 - 2013-08-16 07:21 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\sppc.dll 2015-03-29 17:56 - 2013-08-16 07:21 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\setupcln.dll 2015-03-29 17:56 - 2013-08-16 07:20 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll 2015-03-29 17:56 - 2013-08-16 00:43 - 00167424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSClient.dll 2015-03-29 17:56 - 2013-08-16 00:43 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSSync.dll 2015-03-29 17:56 - 2013-08-16 00:43 - 00083968 _____ () C:\Windows\SysWOW64\OEMLicense.dll 2015-03-29 17:56 - 2013-08-16 00:42 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppc.dll 2015-03-29 17:56 - 2013-08-16 00:42 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupcln.dll 2015-03-29 17:56 - 2013-07-06 02:15 - 00652288 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll 2015-03-29 17:56 - 2013-07-04 04:13 - 00541696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll 2015-03-29 17:56 - 2013-05-04 08:58 - 00328192 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll 2015-03-29 17:56 - 2013-05-04 06:57 - 00247296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll 2015-03-29 17:56 - 2013-03-02 04:45 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe 2015-03-29 17:56 - 2013-03-02 04:45 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\taskhostex.exe 2015-03-29 17:56 - 2012-09-20 08:33 - 00110592 _____ () C:\Windows\system32\OEMLicense.dll 2015-03-29 17:55 - 2013-10-19 07:45 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll 2015-03-29 17:55 - 2013-10-19 06:04 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll 2015-03-29 17:54 - 2014-08-09 10:30 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe 2015-03-29 17:54 - 2014-08-09 10:29 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\tssdisai.dll 2015-03-29 17:54 - 2013-06-22 07:45 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys 2015-03-29 17:54 - 2013-06-22 07:45 - 00054488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys 2015-03-29 17:53 - 2014-02-06 01:41 - 01257984 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2015-03-29 17:53 - 2014-02-06 01:41 - 00978432 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2015-03-29 17:53 - 2014-02-06 01:26 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2015-03-29 17:53 - 2014-02-06 01:19 - 00974848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2015-03-29 17:53 - 2013-07-06 00:02 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys 2015-03-29 17:53 - 2013-07-06 00:01 - 00210560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys 2015-03-29 17:53 - 2013-07-01 03:42 - 00623448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys 2015-03-29 17:53 - 2013-07-01 03:42 - 00498008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys 2015-03-29 17:53 - 2013-07-01 03:42 - 00079192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys 2015-03-29 17:53 - 2013-07-01 03:42 - 00021848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys 2015-03-29 17:53 - 2013-06-29 05:07 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys 2015-03-29 17:53 - 2013-06-29 05:06 - 00120832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys 2015-03-29 17:53 - 2012-11-20 06:56 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys 2015-03-29 17:51 - 2014-12-08 08:48 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll 2015-03-29 17:51 - 2014-12-08 07:04 - 00318464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll 2015-03-29 17:51 - 2014-07-24 05:33 - 00875688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll 2015-03-29 17:51 - 2014-07-24 05:33 - 00869544 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll 2015-03-29 17:50 - 2014-10-23 14:47 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll 2015-03-29 17:50 - 2014-10-23 13:04 - 00068096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll 2015-03-29 17:49 - 2014-06-20 01:35 - 01312768 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2015-03-29 17:49 - 2014-06-20 00:24 - 00694272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2015-03-29 17:48 - 2014-11-08 13:22 - 00238080 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll 2015-03-29 17:48 - 2014-11-08 08:57 - 00187904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll 2015-03-29 17:48 - 2014-06-05 03:12 - 00678600 _____ (Microsoft Corporation) C:\Windows\system32\msvcp120_clr0400.dll 2015-03-29 17:48 - 2014-06-04 01:12 - 00536776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp120_clr0400.dll 2015-03-29 17:48 - 2013-07-02 00:14 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbprint.sys 2015-03-29 17:48 - 2013-06-29 05:08 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys 2015-03-29 17:48 - 2013-06-29 05:07 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys 2015-03-29 17:48 - 2013-05-04 08:59 - 02842112 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL 2015-03-29 17:48 - 2013-05-04 06:57 - 02620928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL 2015-03-29 17:48 - 2013-05-04 06:48 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys 2015-03-29 17:47 - 2015-01-29 10:05 - 01627648 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2015-03-29 17:47 - 2015-01-29 08:19 - 01339392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2015-03-29 17:47 - 2014-12-19 08:48 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll 2015-03-29 17:47 - 2014-09-13 08:24 - 02233152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2015-03-29 17:47 - 2014-09-03 04:48 - 00457728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll 2015-03-29 17:47 - 2014-09-03 04:48 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll 2015-03-29 17:47 - 2014-09-03 04:22 - 00188928 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll 2015-03-29 17:47 - 2014-09-03 04:21 - 00623104 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll 2015-03-29 17:47 - 2014-09-03 04:21 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll 2015-03-29 17:47 - 2014-08-29 06:17 - 02043392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll 2015-03-29 17:47 - 2014-08-29 06:17 - 00227328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll 2015-03-29 17:47 - 2014-08-29 06:04 - 02837504 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll 2015-03-29 17:47 - 2014-08-29 06:04 - 00309248 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll 2015-03-29 17:47 - 2014-08-28 08:04 - 00499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FXSCOMEX.dll 2015-03-29 17:47 - 2014-08-28 08:04 - 00227840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FXSAPI.dll 2015-03-29 17:47 - 2014-08-28 07:59 - 00616448 _____ (Microsoft Corporation) C:\Windows\system32\FXSAPI.dll 2015-03-29 17:47 - 2014-08-28 07:59 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOMEX.dll 2015-03-29 17:47 - 2014-08-28 07:59 - 00432640 _____ (Microsoft Corporation) C:\Windows\system32\FXSTIFF.dll 2015-03-29 17:47 - 2014-08-28 07:59 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\FXST30.dll 2015-03-29 17:47 - 2014-07-24 15:12 - 00328512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys 2015-03-29 17:47 - 2013-07-20 00:13 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2015-03-29 17:47 - 2013-07-20 00:13 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2015-03-29 17:46 - 2014-12-06 09:53 - 00458240 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll 2015-03-29 17:46 - 2014-12-06 09:53 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe 2015-03-29 17:46 - 2014-12-06 09:52 - 00384000 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll 2015-03-29 17:46 - 2014-12-06 09:52 - 00357376 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll 2015-03-29 17:46 - 2014-12-06 09:52 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll 2015-03-29 17:46 - 2014-12-06 09:51 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll 2015-03-29 17:46 - 2014-12-06 09:51 - 00267264 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll 2015-03-29 17:46 - 2014-12-06 09:50 - 00783872 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll 2015-03-29 17:46 - 2014-12-06 08:10 - 00355840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll 2015-03-29 17:46 - 2014-12-06 08:10 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe 2015-03-29 17:46 - 2014-12-06 08:09 - 00332800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll 2015-03-29 17:46 - 2014-12-06 08:09 - 00055296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll 2015-03-29 17:46 - 2014-10-03 03:21 - 00522728 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll 2015-03-29 17:46 - 2014-10-03 00:29 - 00169472 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll 2015-03-29 17:46 - 2014-06-05 19:56 - 00112984 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe 2015-03-29 17:46 - 2014-06-05 19:30 - 10116608 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll 2015-03-29 17:46 - 2014-06-05 19:29 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2015-03-29 17:46 - 2014-06-05 19:29 - 00393216 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll 2015-03-29 17:46 - 2014-06-05 19:28 - 02306560 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2015-03-29 17:46 - 2014-06-05 19:28 - 02146304 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll 2015-03-29 17:46 - 2014-06-05 15:12 - 08857600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll 2015-03-29 17:46 - 2014-06-05 15:11 - 02416128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2015-03-29 17:46 - 2014-06-05 15:11 - 00295424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll 2015-03-29 17:46 - 2014-06-05 15:10 - 02037760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2015-03-29 17:46 - 2014-06-05 15:10 - 00754176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll 2015-03-29 17:46 - 2014-05-30 00:24 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2015-03-29 17:46 - 2013-07-09 08:18 - 00439488 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe 2015-03-29 17:46 - 2013-07-09 06:25 - 00385768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe 2015-03-29 17:46 - 2013-04-09 07:33 - 00489576 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll 2015-03-29 17:46 - 2013-04-09 07:33 - 00446792 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll 2015-03-29 17:46 - 2013-04-09 07:33 - 00253544 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe 2015-03-29 17:46 - 2013-04-09 01:37 - 00426024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll 2015-03-29 17:46 - 2013-04-09 01:37 - 00324368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll 2015-03-29 17:46 - 2013-03-06 08:29 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll 2015-03-29 17:46 - 2013-03-02 12:39 - 00069864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys 2015-03-29 17:46 - 2012-11-06 07:00 - 00463768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll 2015-03-29 17:46 - 2012-11-01 06:41 - 01802240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll 2015-03-29 17:46 - 2012-11-01 06:40 - 02361344 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2015-03-29 17:46 - 2012-11-01 06:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll 2015-03-29 17:46 - 2012-11-01 06:20 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll 2015-03-29 17:46 - 2012-10-24 05:25 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe 2015-03-29 17:46 - 2012-10-24 05:24 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll 2015-03-29 17:46 - 2012-10-24 05:24 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll 2015-03-29 17:46 - 2012-10-24 05:05 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll 2015-03-29 17:45 - 2015-02-20 15:59 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2015-03-29 17:45 - 2015-02-20 13:56 - 00366592 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2015-03-29 17:45 - 2015-02-20 10:10 - 00035328 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2015-03-29 17:45 - 2015-02-20 09:24 - 00304128 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2015-03-29 17:45 - 2014-07-07 07:53 - 01125376 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe 2015-03-29 17:45 - 2014-07-07 07:52 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll 2015-03-29 17:45 - 2014-07-07 07:52 - 00300544 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll 2015-03-29 17:45 - 2014-07-07 07:51 - 05982208 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2015-03-29 17:45 - 2014-07-07 06:01 - 01049600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe 2015-03-29 17:45 - 2014-07-07 06:01 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll 2015-03-29 17:45 - 2014-07-07 06:00 - 05095424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2015-03-29 17:45 - 2014-07-07 05:59 - 00269312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll 2015-03-29 17:45 - 2012-11-08 06:24 - 00075776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll 2015-03-29 17:45 - 2012-11-08 06:24 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll 2015-03-29 17:45 - 2012-11-08 06:20 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll 2015-03-29 17:45 - 2012-11-08 06:20 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll 2015-03-29 17:45 - 2012-11-08 06:02 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll 2015-03-29 17:45 - 2012-11-08 06:01 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll 2015-03-29 17:44 - 2014-06-18 01:27 - 01440256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe 2015-03-29 17:44 - 2014-06-18 01:24 - 01557504 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe 2015-03-29 17:44 - 2014-06-06 16:06 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2015-03-29 17:44 - 2014-06-06 12:17 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll 2015-03-29 17:44 - 2013-03-02 11:59 - 00411880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS 2015-03-29 17:44 - 2013-02-02 13:19 - 00329960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys 2015-03-29 17:44 - 2013-02-02 13:19 - 00061672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crashdmp.sys 2015-03-29 17:44 - 2013-02-02 12:54 - 01933544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys 2015-03-29 17:44 - 2013-02-02 12:28 - 00993512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys 2015-03-29 17:44 - 2013-02-02 10:40 - 10792448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll 2015-03-29 17:44 - 2013-02-02 10:40 - 00410624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlroamextension.dll 2015-03-29 17:44 - 2013-02-02 10:40 - 00370688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWanAPI.dll 2015-03-29 17:44 - 2013-02-02 10:40 - 00356352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll 2015-03-29 17:44 - 2013-02-02 10:40 - 00197632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Connectivity.dll 2015-03-29 17:44 - 2013-02-02 10:40 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsRasterService.dll 2015-03-29 17:44 - 2013-02-02 10:40 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tasklist.exe 2015-03-29 17:44 - 2013-02-02 10:40 - 00079360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskkill.exe 2015-03-29 17:44 - 2013-02-02 10:39 - 00325632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2015-03-29 17:44 - 2013-02-02 10:39 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mbsmsapi.dll 2015-03-29 17:44 - 2013-02-02 10:39 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netprofm.dll 2015-03-29 17:44 - 2013-02-02 10:39 - 00018432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\npmproxy.dll 2015-03-29 17:44 - 2013-02-02 10:39 - 00015872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlmproxy.dll 2015-03-29 17:44 - 2013-02-02 10:39 - 00012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlmsprep.dll 2015-03-29 17:44 - 2013-02-02 10:38 - 00567808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\duser.dll 2015-03-29 17:44 - 2013-02-02 10:24 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\taskkill.exe 2015-03-29 17:44 - 2013-02-02 10:24 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\tasklist.exe 2015-03-29 17:44 - 2013-02-02 10:23 - 13643264 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll 2015-03-29 17:44 - 2013-02-02 10:23 - 00611840 _____ (Microsoft Corporation) C:\Windows\system32\wpd_ci.dll 2015-03-29 17:44 - 2013-02-02 10:23 - 00543232 _____ (Microsoft Corporation) C:\Windows\system32\wlroamextension.dll 2015-03-29 17:44 - 2013-02-02 10:23 - 00475136 _____ (Microsoft Corporation) C:\Windows\system32\WWanAPI.dll 2015-03-29 17:44 - 2013-02-02 10:23 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Connectivity.dll 2015-03-29 17:44 - 2013-02-02 10:23 - 00228352 _____ (Microsoft Corporation) C:\Windows\system32\XpsRasterService.dll 2015-03-29 17:44 - 2013-02-02 10:23 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\wpdbusenum.dll 2015-03-29 17:44 - 2013-02-02 10:23 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\wersvc.dll 2015-03-29 17:44 - 2013-02-02 10:22 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll 2015-03-29 17:44 - 2013-02-02 10:22 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-03-29 17:44 - 2013-02-02 10:21 - 00467456 _____ (Microsoft Corporation) C:\Windows\system32\netprofmsvc.dll 2015-03-29 17:44 - 2013-02-02 10:21 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\mbsmsapi.dll 2015-03-29 17:44 - 2013-02-02 10:20 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\duser.dll 2015-03-29 17:44 - 2013-02-02 10:20 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\hotspotauth.dll 2015-03-29 17:44 - 2013-02-02 09:25 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys 2015-03-29 17:44 - 2013-02-02 09:25 - 00037632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BthAvrcpTg.sys 2015-03-29 17:44 - 2012-11-27 05:57 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BtaMPM.sys 2015-03-29 17:44 - 2012-11-27 05:55 - 00029952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BthhfHid.sys 2015-03-29 17:44 - 2012-11-20 06:54 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidi2c.sys 2015-03-29 17:43 - 2015-01-20 08:41 - 01120256 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll 2015-03-29 17:43 - 2015-01-20 07:10 - 00892416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll 2015-03-29 17:43 - 2014-06-03 00:33 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll 2015-03-29 17:43 - 2013-09-28 05:35 - 00288768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys 2015-03-29 17:43 - 2013-04-27 07:20 - 00733184 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll 2015-03-29 17:43 - 2013-02-06 00:31 - 00622080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys 2015-03-29 17:43 - 2013-02-06 00:29 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2015-03-29 17:43 - 2013-02-06 00:28 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys 2015-03-29 17:43 - 2013-02-06 00:28 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2015-03-29 17:43 - 2012-10-11 09:02 - 01636672 _____ (Microsoft Corporation) C:\Windows\system32\WMALFXGFXDSP.dll 2015-03-29 17:43 - 2012-10-11 07:45 - 00370176 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll 2015-03-29 17:43 - 2012-10-11 07:19 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys 2015-03-29 17:43 - 2012-10-11 07:18 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys 2015-03-29 17:42 - 2015-02-17 08:54 - 19777536 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2015-03-29 17:42 - 2015-02-17 07:13 - 17561600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2015-03-29 17:42 - 2015-01-24 06:31 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll 2015-03-29 17:42 - 2014-10-11 09:44 - 03248640 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll 2015-03-29 17:42 - 2013-02-12 02:17 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys 2015-03-29 17:42 - 2013-02-02 07:41 - 01437184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll 2015-03-29 17:42 - 2013-02-02 07:31 - 01690624 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll 2015-03-29 17:42 - 2012-10-12 10:08 - 00027880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys 2015-03-29 17:42 - 2012-10-12 08:14 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\rfxvmt.dll 2015-03-29 17:41 - 2013-10-10 11:32 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe 2015-03-29 17:41 - 2013-10-10 11:30 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrobj.dll 2015-03-29 17:41 - 2013-10-10 11:30 - 00156160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll 2015-03-29 17:41 - 2013-10-10 11:24 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx 2015-03-29 17:41 - 2013-10-10 11:23 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe 2015-03-29 17:41 - 2013-10-10 11:22 - 00222720 _____ (Microsoft Corporation) C:\Windows\system32\scrobj.dll 2015-03-29 17:41 - 2013-10-10 11:22 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll 2015-03-29 17:41 - 2013-03-15 02:17 - 00861184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys 2015-03-29 17:38 - 2015-02-26 06:35 - 04063232 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-03-29 17:36 - 2014-12-19 06:35 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys 2015-03-29 17:36 - 2014-12-18 10:51 - 00096576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys 2015-03-29 17:36 - 2014-12-18 08:52 - 00889344 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll 2015-03-29 17:36 - 2014-12-18 08:51 - 01160192 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL 2015-03-29 17:36 - 2014-12-18 08:50 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL 2015-03-29 17:36 - 2014-12-18 08:20 - 00702464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll 2015-03-29 17:36 - 2013-06-10 21:15 - 00381952 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL 2015-03-29 17:36 - 2013-06-10 21:10 - 00245248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL 2015-03-29 17:36 - 2012-10-06 06:53 - 02893824 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll 2015-03-29 17:36 - 2012-10-06 06:15 - 02400256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll 2015-03-29 17:34 - 2015-01-31 15:48 - 00044024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys 2015-03-29 17:34 - 2015-01-31 07:55 - 00275712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys 2015-03-29 17:34 - 2015-01-22 08:42 - 00588800 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll 2015-03-29 17:34 - 2015-01-22 07:00 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll 2015-03-29 17:34 - 2013-08-23 09:22 - 02062848 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll 2015-03-29 17:34 - 2013-08-23 03:44 - 01711616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll 2015-03-29 17:34 - 2012-10-24 05:25 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\ReAgentc.exe 2015-03-29 17:34 - 2012-10-24 04:48 - 00024064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgentc.exe 2015-03-29 17:33 - 2014-12-11 08:51 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe 2015-03-29 17:33 - 2014-11-26 08:43 - 00778240 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2015-03-29 17:33 - 2014-11-26 06:50 - 00567808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll 2015-03-29 17:33 - 2013-11-01 07:38 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll 2015-03-29 17:33 - 2013-11-01 05:49 - 00273408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll 2015-03-29 17:32 - 2015-02-13 01:18 - 00396419 _____ () C:\Windows\system32\ApnDatabase.xml 2015-03-29 17:31 - 2014-10-30 09:20 - 01890816 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2015-03-29 17:31 - 2014-10-30 07:22 - 01569792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2015-03-29 17:31 - 2013-12-05 01:43 - 00583680 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll 2015-03-29 17:31 - 2013-12-05 01:37 - 00451072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll 2015-03-29 17:28 - 2014-07-16 01:03 - 01300992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2015-03-29 17:28 - 2014-07-12 04:36 - 01023488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2015-03-29 17:28 - 2012-12-13 06:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2015-03-29 17:28 - 2012-12-13 05:59 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2015-03-29 17:27 - 2013-03-02 10:22 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll 2015-03-29 17:27 - 2013-03-02 04:44 - 00468992 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll 2015-03-29 17:26 - 2015-03-29 17:26 - 00000117 _____ () C:\Windows\system32\netcfg-209546.txt 2015-03-29 17:26 - 2015-03-29 17:26 - 00000117 _____ () C:\Windows\system32\netcfg-208968.txt 2015-03-29 17:26 - 2013-03-02 10:23 - 00375808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll 2015-03-29 17:26 - 2013-03-02 04:44 - 01011200 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll 2015-03-29 17:26 - 2012-12-15 06:55 - 00443392 _____ (Microsoft Corporation) C:\Windows\system32\ReAgent.dll 2015-03-29 17:26 - 2012-11-03 07:26 - 00132096 _____ (Microsoft Corporation) C:\Windows\system32\sysreset.exe 2015-03-29 17:26 - 2012-11-03 07:25 - 00945152 _____ (Microsoft Corporation) C:\Windows\system32\resetengmig.dll 2015-03-29 17:25 - 2013-03-22 05:49 - 02382336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll 2015-03-29 17:25 - 2013-03-22 00:47 - 02851840 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll 2015-03-29 17:22 - 2015-03-29 17:22 - 00000117 _____ () C:\Windows\system32\netcfg-3018015.txt 2015-03-29 17:20 - 2015-03-29 17:20 - 00001646 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DTS Sound+.lnk 2015-03-29 17:20 - 2015-03-29 17:20 - 00000000 ____D () C:\Windows\system32\SRSLabs 2015-03-29 17:20 - 2013-11-07 00:07 - 08157184 _____ (IDT, Inc.) C:\Windows\system32\IDTNHP.dll 2015-03-29 17:20 - 2013-11-07 00:07 - 08131584 _____ (IDT, Inc.) C:\Windows\system32\IDTNGUI.exe 2015-03-29 17:20 - 2013-11-07 00:07 - 06154240 _____ (IDT, Inc.) C:\Windows\system32\stlang64.dll 2015-03-29 17:20 - 2013-11-07 00:07 - 02233344 _____ (IDT, Inc.) C:\Windows\system32\IDTNX.dll 2015-03-29 17:20 - 2013-11-07 00:07 - 02213376 _____ (IDT, Inc.) C:\Windows\system32\stapo64.dll 2015-03-29 17:20 - 2013-11-07 00:07 - 01897984 _____ (IDT, Inc.) C:\Windows\system32\IDTNC64.cpl 2015-03-29 17:20 - 2013-11-07 00:07 - 01703424 _____ (IDT, Inc.) C:\Windows\sttray64.exe 2015-03-29 17:20 - 2013-11-07 00:07 - 00697856 ____N (IDT, Inc.) C:\Windows\system32\stapi64.dll 2015-03-29 17:20 - 2013-11-07 00:07 - 00551936 _____ (IDT, Inc.) C:\Windows\system32\Drivers\stwrt64.sys 2015-03-29 17:20 - 2013-11-07 00:07 - 00499200 _____ (IDT, Inc.) C:\Windows\system32\stcplx64.dll 2015-03-29 17:20 - 2013-11-07 00:07 - 00256000 _____ (IDT, Inc.) C:\Windows\system32\st646496.dll 2015-03-29 17:20 - 2013-11-07 00:07 - 00253952 _____ (IDT, Inc.) C:\Windows\system32\IDTNJ.exe 2015-03-29 17:20 - 2013-03-12 11:19 - 00031804 _____ () C:\Windows\system32\SS15DTS.XML 2015-03-29 17:20 - 2011-05-17 17:25 - 00464384 _____ (SRS Labs, Inc.) C:\Windows\system32\slapoi64.dll 2015-03-29 17:19 - 2015-03-31 10:09 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2015-03-29 17:19 - 2015-03-29 17:21 - 00000000 ____D () C:\Program Files\IDT 2015-03-29 17:07 - 2015-04-02 08:17 - 00000000 ____D () C:\Program Files (x86)\FileHippo.com 2015-03-29 17:07 - 2015-03-29 17:15 - 00002048 _____ () C:\Users\Stefsl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileHippo App Manager.lnk 2015-03-29 17:07 - 2015-03-29 17:07 - 00000000 ____D () C:\ProgramData\IsolatedStorage 2015-03-29 16:49 - 2015-03-29 16:49 - 00000117 _____ () C:\Windows\system32\netcfg-1053390.txt 2015-03-29 13:03 - 2015-01-09 08:43 - 00951808 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll 2015-03-29 13:03 - 2015-01-09 07:03 - 00601088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll 2015-03-29 13:03 - 2015-01-09 01:52 - 00478296 _____ () C:\Windows\SysWOW64\locale.nls 2015-03-29 13:03 - 2015-01-09 01:52 - 00478296 _____ () C:\Windows\system32\locale.nls 2015-03-29 12:56 - 2015-03-29 13:02 - 00000000 ____D () C:\Windows\system32\MRT 2015-03-29 12:56 - 2015-02-26 21:14 - 122905848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-03-29 12:21 - 2015-03-29 12:21 - 00000117 _____ () C:\Windows\system32\netcfg-3696296.txt 2015-03-29 12:04 - 2015-03-29 12:04 - 00000117 _____ () C:\Windows\system32\netcfg-2689906.txt 2015-03-29 12:04 - 2015-03-29 12:04 - 00000117 _____ () C:\Windows\system32\netcfg-2685671.txt 2015-03-29 12:02 - 2015-03-29 12:02 - 00000117 _____ () C:\Windows\system32\netcfg-2542046.txt 2015-03-29 12:00 - 2015-03-29 12:00 - 00000117 _____ () C:\Windows\system32\netcfg-2448828.txt 2015-03-29 11:40 - 2015-03-29 11:40 - 00000117 _____ () C:\Windows\system32\netcfg-1215718.txt 2015-03-29 11:21 - 2015-03-29 11:21 - 00000000 ____D () C:\OETemp 2015-03-29 11:18 - 2015-03-29 11:18 - 00000117 _____ () C:\Windows\system32\netcfg-1285968.txt 2015-03-29 11:14 - 2015-03-29 11:14 - 00000117 _____ () C:\Windows\system32\netcfg-1004750.txt 2015-03-29 11:12 - 2015-03-29 11:12 - 00000117 _____ () C:\Windows\system32\netcfg-889062.txt 2015-03-29 11:00 - 2015-03-29 11:00 - 00000000 ____D () C:\Users\Stefsl\AppData\Roaming\Synaptics 2015-03-29 10:58 - 2015-03-29 10:58 - 00000117 _____ () C:\Windows\system32\netcfg-37921.txt 2015-03-29 10:57 - 2015-03-29 10:57 - 00000117 _____ () C:\Windows\system32\netcfg-177734093.txt 2015-03-29 10:56 - 2015-03-29 10:56 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf 2015-03-29 10:55 - 2015-03-29 10:55 - 00000000 ____D () C:\Program Files\Synaptics 2015-03-29 10:40 - 2015-03-29 10:40 - 00000000 ____D () C:\Users\Stefsl\AppData\Roaming\Thunderbird 2015-03-29 10:40 - 2015-03-29 10:40 - 00000000 ____D () C:\Users\Stefsl\AppData\Local\Thunderbird 2015-03-29 10:35 - 2015-03-29 10:35 - 00000117 _____ () C:\Windows\system32\netcfg-176420453.txt 2015-03-29 10:35 - 2015-03-29 10:35 - 00000117 _____ () C:\Windows\system32\netcfg-176419953.txt 2015-03-29 10:32 - 2015-03-29 10:32 - 00000117 _____ () C:\Windows\system32\netcfg-176236078.txt 2015-03-29 10:32 - 2015-03-29 10:32 - 00000117 _____ () C:\Windows\system32\netcfg-176235875.txt 2015-03-29 10:32 - 2015-03-29 10:32 - 00000117 _____ () C:\Windows\system32\netcfg-176234546.txt 2015-03-29 08:01 - 2015-03-29 08:01 - 00000355 _____ () C:\Users\Stefsl\Desktop\Arbeitsplatz.lnk 2015-03-28 08:48 - 2015-03-28 08:48 - 00000117 _____ () C:\Windows\system32\netcfg-83609343.txt 2015-03-28 08:46 - 2015-03-28 08:46 - 00000117 _____ () C:\Windows\system32\netcfg-83537546.txt 2015-03-28 08:46 - 2015-03-28 08:46 - 00000117 _____ () C:\Windows\system32\netcfg-83536640.txt 2015-03-28 08:46 - 2015-03-28 08:46 - 00000117 _____ () C:\Windows\system32\netcfg-83531109.txt 2015-03-27 09:40 - 2015-03-27 09:40 - 00000117 _____ () C:\Windows\system32\netcfg-359265.txt 2015-03-27 09:39 - 2015-03-27 09:39 - 00000117 _____ () C:\Windows\system32\netcfg-277156.txt 2015-03-27 09:39 - 2015-03-27 09:39 - 00000117 _____ () C:\Windows\system32\netcfg-277125.txt 2015-03-27 09:39 - 2015-03-27 09:39 - 00000117 _____ () C:\Windows\system32\netcfg-271500.txt 2015-03-27 08:40 - 2015-03-27 08:40 - 00000117 _____ () C:\Windows\system32\netcfg-44767062.txt 2015-03-27 08:38 - 2015-03-27 08:38 - 00000000 ____D () C:\ProgramData\Malwarebytes 2015-03-27 08:35 - 2015-03-27 08:35 - 00000117 _____ () C:\Windows\system32\netcfg-44459437.txt 2015-03-27 08:35 - 2015-03-27 08:35 - 00000117 _____ () C:\Windows\system32\netcfg-44459406.txt 2015-03-27 08:35 - 2015-03-27 08:35 - 00000117 _____ () C:\Windows\system32\netcfg-44458812.txt 2015-03-27 02:38 - 2015-03-31 10:26 - 00000000 ____D () C:\Windows\Panther 2015-03-27 02:38 - 2015-03-27 02:38 - 00000000 ____D () C:\Windows\system32\sxsback 2015-03-27 02:38 - 2015-03-26 17:45 - 00000000 ____D () C:\Windows\system32\asg 2015-03-26 20:16 - 2015-03-26 20:16 - 00000117 _____ () C:\Windows\system32\netcfg-150609.txt 2015-03-26 20:10 - 2015-03-26 20:10 - 00000117 _____ () C:\Windows\system32\netcfg-8978812.txt 2015-03-26 19:49 - 2015-03-26 19:49 - 00000117 _____ () C:\Windows\system32\netcfg-7710296.txt 2015-03-26 19:46 - 2015-03-26 19:46 - 00003128 _____ () C:\Windows\System32\Tasks\{CC7C9611-5C17-47C3-A455-082E315393D6} 2015-03-26 19:46 - 2015-03-26 19:46 - 00000117 _____ () C:\Windows\system32\netcfg-7501750.txt 2015-03-26 19:46 - 2015-03-26 19:46 - 00000117 _____ () C:\Windows\system32\netcfg-7501656.txt 2015-03-26 19:46 - 2015-03-26 19:46 - 00000117 _____ () C:\Windows\system32\netcfg-7496156.txt 2015-03-26 18:53 - 2015-03-26 18:53 - 00000117 _____ () C:\Windows\system32\netcfg-4325328.txt 2015-03-26 18:46 - 2015-03-29 18:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2015-03-26 18:46 - 2015-03-26 18:46 - 00000000 ____D () C:\Users\Stefsl\AppData\Roaming\Mozilla 2015-03-26 18:46 - 2015-03-26 18:46 - 00000000 ____D () C:\Users\Stefsl\AppData\Local\Mozilla 2015-03-26 18:46 - 2015-03-26 18:46 - 00000000 ____D () C:\ProgramData\Mozilla 2015-03-26 18:38 - 2015-03-26 18:38 - 00000117 _____ () C:\Windows\system32\netcfg-3424078.txt 2015-03-26 18:38 - 2015-03-26 18:38 - 00000117 _____ () C:\Windows\system32\netcfg-3423250.txt 2015-03-26 18:36 - 2015-03-26 18:36 - 00000000 ____D () C:\Program Files (x86)\Intel 2015-03-26 18:36 - 2015-03-26 18:36 - 00000000 ____D () C:\Intel 2015-03-26 18:36 - 2013-10-15 20:42 - 00064000 _____ (Khronos Group) C:\Windows\system32\OpenCL.DLL 2015-03-26 18:36 - 2013-10-15 20:42 - 00060416 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.DLL 2015-03-26 18:35 - 2015-03-26 18:35 - 00000000 ____D () C:\Program Files\Intel 2015-03-26 18:31 - 2014-05-20 04:33 - 00059416 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2015-03-26 18:31 - 2014-05-20 01:45 - 00629248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2015-03-26 18:31 - 2014-05-20 01:45 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2015-03-26 18:31 - 2014-05-20 01:24 - 03286528 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2015-03-26 18:31 - 2014-05-20 01:24 - 01623040 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2015-03-26 18:31 - 2014-05-20 01:24 - 00773632 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2015-03-26 18:31 - 2014-05-20 01:24 - 00253440 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll 2015-03-26 18:31 - 2014-05-20 01:24 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll 2015-03-26 18:31 - 2014-05-20 01:24 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2015-03-26 18:31 - 2014-05-15 00:43 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2015-03-26 18:31 - 2014-05-15 00:43 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2015-03-26 18:31 - 2014-05-15 00:42 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2015-03-26 18:31 - 2014-05-15 00:42 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2015-03-26 18:31 - 2013-08-16 07:21 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2015-03-26 18:31 - 2013-08-16 07:21 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2015-03-26 18:31 - 2013-08-16 00:43 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2015-03-26 18:31 - 2012-11-06 06:20 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wuaext.dll 2015-03-26 18:31 - 2012-11-06 06:00 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\wushareduxresources.dll 2015-03-26 18:30 - 2015-03-26 18:30 - 00001260 _____ () C:\Windows\system32\netcfg-2939062.txt 2015-03-26 18:30 - 2015-03-26 18:30 - 00001139 _____ () C:\Windows\system32\netcfg-2942281.txt 2015-03-26 18:30 - 2015-03-26 18:30 - 00000321 _____ () C:\Windows\system32\netcfg-2941203.txt 2015-03-26 18:28 - 2015-03-26 18:28 - 00000117 _____ () C:\Windows\system32\netcfg-2846359.txt 2015-03-26 18:28 - 2015-03-26 18:28 - 00000117 _____ () C:\Windows\system32\netcfg-2844703.txt 2015-03-26 18:23 - 2015-03-26 18:23 - 00000000 ____D () C:\Users\Stefsl\AppData\Roaming\Macromedia 2015-03-26 18:22 - 2015-04-02 08:31 - 00000000 ____D () C:\Users\Stefsl\AppData\Local\CopyEditor 2015-03-26 18:22 - 2015-04-01 09:23 - 00000000 ____D () C:\Program Files (x86)\ProductUI 2015-03-26 18:20 - 2015-03-26 18:20 - 00000117 _____ () C:\Windows\system32\netcfg-2357046.txt 2015-03-26 18:20 - 2015-03-26 18:20 - 00000117 _____ () C:\Windows\system32\netcfg-2355421.txt 2015-03-26 18:19 - 2015-03-26 18:19 - 00000117 _____ () C:\Windows\system32\netcfg-2320015.txt 2015-03-26 18:19 - 2015-03-26 18:19 - 00000117 _____ () C:\Windows\system32\netcfg-2317312.txt 2015-03-26 18:19 - 2015-03-26 18:19 - 00000117 _____ () C:\Windows\system32\netcfg-2317296.txt 2015-03-26 18:19 - 2015-03-26 18:19 - 00000117 _____ () C:\Windows\system32\netcfg-2315921.txt 2015-03-26 18:11 - 2015-03-29 19:01 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard 2015-03-26 18:11 - 2015-03-29 18:38 - 00000000 ____D () C:\Users\Stefsl\AppData\Local\Downloaded Installations 2015-03-26 18:11 - 2015-03-29 18:34 - 00000000 ____D () C:\Users\Stefsl\AppData\Roaming\hpqLog 2015-03-26 18:10 - 2015-03-29 18:47 - 00000000 ____D () C:\SWSetup 2015-03-26 18:10 - 2015-03-29 18:20 - 00000000 ____D () C:\ProgramData\Hewlett-Packard 2015-03-26 18:09 - 2015-03-26 18:09 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf 2015-03-26 17:56 - 2015-04-01 09:35 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3556418851-3596716294-175366706-1001 2015-03-26 17:45 - 2015-03-26 17:45 - 00001438 _____ () C:\Users\Stefsl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2015-03-26 17:45 - 2015-03-26 17:45 - 00000000 ____D () C:\Users\Stefsl\AppData\Roaming\Adobe 2015-03-26 17:45 - 2015-03-26 17:45 - 00000000 ____D () C:\System.sav 2015-03-26 17:44 - 2015-04-02 08:29 - 01057894 _____ () C:\Windows\WindowsUpdate.log 2015-03-26 17:44 - 2015-04-02 08:28 - 00000000 ____D () C:\Users\Stefsl 2015-03-26 17:44 - 2015-03-26 18:57 - 00000000 ____D () C:\Users\Stefsl\AppData\Local\Packages 2015-03-26 17:44 - 2015-03-26 17:44 - 00000020 ___SH () C:\Users\Stefsl\ntuser.ini 2015-03-26 17:44 - 2015-03-26 17:44 - 00000000 _SHDL () C:\Users\Stefsl\Vorlagen 2015-03-26 17:44 - 2015-03-26 17:44 - 00000000 _SHDL () C:\Users\Stefsl\Startmenü 2015-03-26 17:44 - 2015-03-26 17:44 - 00000000 _SHDL () C:\Users\Stefsl\Netzwerkumgebung 2015-03-26 17:44 - 2015-03-26 17:44 - 00000000 _SHDL () C:\Users\Stefsl\Lokale Einstellungen 2015-03-26 17:44 - 2015-03-26 17:44 - 00000000 _SHDL () C:\Users\Stefsl\Eigene Dateien 2015-03-26 17:44 - 2015-03-26 17:44 - 00000000 _SHDL () C:\Users\Stefsl\Druckumgebung 2015-03-26 17:44 - 2015-03-26 17:44 - 00000000 _SHDL () C:\Users\Stefsl\Documents\Eigene Musik 2015-03-26 17:44 - 2015-03-26 17:44 - 00000000 _SHDL () C:\Users\Stefsl\Documents\Eigene Bilder 2015-03-26 17:44 - 2015-03-26 17:44 - 00000000 _SHDL () C:\Users\Stefsl\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2015-03-26 17:44 - 2015-03-26 17:44 - 00000000 _SHDL () C:\Users\Stefsl\AppData\Local\Verlauf 2015-03-26 17:44 - 2015-03-26 17:44 - 00000000 _SHDL () C:\Users\Stefsl\AppData\Local\Anwendungsdaten 2015-03-26 17:44 - 2015-03-26 17:44 - 00000000 _SHDL () C:\Users\Stefsl\Anwendungsdaten 2015-03-26 17:44 - 2015-03-26 17:44 - 00000000 ____D () C:\Windows\CSC 2015-03-26 17:44 - 2015-03-26 17:44 - 00000000 ____D () C:\Users\Stefsl\AppData\Local\VirtualStore 2015-03-26 17:44 - 2012-07-26 10:13 - 00000000 ___RD () C:\Users\Stefsl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2015-03-26 17:44 - 2012-07-26 10:13 - 00000000 ___RD () C:\Users\Stefsl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2015-03-26 17:44 - 2012-07-26 10:13 - 00000000 ___RD () C:\Users\Stefsl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2015-03-26 17:44 - 2012-07-26 10:13 - 00000000 ____D () C:\Users\Stefsl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2015-03-26 17:41 - 2015-03-26 17:41 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik 2015-03-26 17:41 - 2015-03-26 17:41 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder 2015-03-26 17:41 - 2015-03-26 17:41 - 00000000 _SHDL () C:\Users\Default\Vorlagen 2015-03-26 17:41 - 2015-03-26 17:41 - 00000000 _SHDL () C:\Users\Default\Startmenü 2015-03-26 17:41 - 2015-03-26 17:41 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung 2015-03-26 17:41 - 2015-03-26 17:41 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen 2015-03-26 17:41 - 2015-03-26 17:41 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien 2015-03-26 17:41 - 2015-03-26 17:41 - 00000000 _SHDL () C:\Users\Default\Druckumgebung 2015-03-26 17:41 - 2015-03-26 17:41 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik 2015-03-26 17:41 - 2015-03-26 17:41 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder 2015-03-26 17:41 - 2015-03-26 17:41 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2015-03-26 17:41 - 2015-03-26 17:41 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf 2015-03-26 17:41 - 2015-03-26 17:41 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten 2015-03-26 17:41 - 2015-03-26 17:41 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten 2015-03-26 17:41 - 2015-03-26 17:41 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik 2015-03-26 17:41 - 2015-03-26 17:41 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder 2015-03-26 17:41 - 2015-03-26 17:41 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2015-03-26 17:41 - 2015-03-26 17:41 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf 2015-03-26 17:41 - 2015-03-26 17:41 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten 2015-03-26 17:41 - 2015-03-26 17:41 - 00000000 _SHDL () C:\Programme 2015-03-26 17:41 - 2015-03-26 17:41 - 00000000 _SHDL () C:\ProgramData\Vorlagen 2015-03-26 17:41 - 2015-03-26 17:41 - 00000000 _SHDL () C:\ProgramData\Startmenü 2015-03-26 17:41 - 2015-03-26 17:41 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme 2015-03-26 17:41 - 2015-03-26 17:41 - 00000000 _SHDL () C:\ProgramData\Dokumente 2015-03-26 17:41 - 2015-03-26 17:41 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten 2015-03-26 17:41 - 2015-03-26 17:41 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien 2015-03-26 17:41 - 2015-03-26 17:41 - 00000000 _SHDL () C:\Dokumente und Einstellungen 2015-03-26 17:41 - 2015-03-26 17:41 - 00000000 __SHD () C:\Recovery 2015-03-26 17:40 - 2015-03-26 17:40 - 00001100 _____ () C:\Windows\system32\netcfg-68218.txt 2015-03-26 17:40 - 2015-03-26 17:40 - 00000161 _____ () C:\Windows\system32\netcfg-67890.txt 2015-03-26 17:39 - 2015-03-26 17:39 - 00001137 _____ () C:\Windows\system32\netcfg-61093.txt 2015-03-26 17:39 - 2015-03-26 17:39 - 00000185 _____ () C:\Windows\system32\netcfg-59406.txt 2015-03-26 17:39 - 2015-03-26 17:39 - 00000164 _____ () C:\Windows\system32\netcfg-57890.txt 2015-03-26 17:39 - 2015-03-26 17:39 - 00000161 _____ () C:\Windows\system32\netcfg-59203.txt 2015-03-26 17:39 - 2015-03-26 17:39 - 00000160 _____ () C:\Windows\system32\netcfg-58984.txt 2015-03-26 17:39 - 2015-03-26 17:39 - 00000160 _____ () C:\Windows\system32\netcfg-58578.txt 2015-03-26 17:39 - 2015-03-26 17:39 - 00000160 _____ () C:\Windows\system32\netcfg-57671.txt 2015-03-26 17:39 - 2015-03-26 17:39 - 00000159 _____ () C:\Windows\system32\netcfg-58281.txt 2015-03-26 17:39 - 2015-03-26 17:39 - 00000157 _____ () C:\Windows\system32\netcfg-58781.txt 2015-03-26 17:39 - 2015-03-26 17:39 - 00000157 _____ () C:\Windows\system32\netcfg-53015.txt 2015-03-26 17:39 - 2015-03-26 17:39 - 00000150 _____ () C:\Windows\system32\netcfg-58093.txt ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-04-02 08:30 - 2012-07-26 09:59 - 00000000 ____D () C:\Windows\CbsTemp 2015-04-02 08:12 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\sru 2015-04-01 10:24 - 2012-07-26 09:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-04-01 10:02 - 2012-08-20 17:39 - 00787946 _____ () C:\Windows\system32\perfh00A.dat 2015-04-01 10:02 - 2012-08-20 17:39 - 00162354 _____ () C:\Windows\system32\perfc00A.dat 2015-04-01 10:02 - 2012-08-20 17:22 - 00421420 _____ () C:\Windows\system32\perfh001.dat 2015-04-01 10:02 - 2012-08-20 17:22 - 00064626 _____ () C:\Windows\system32\perfc001.dat 2015-04-01 10:02 - 2012-08-20 17:01 - 00753134 _____ () C:\Windows\system32\perfh007.dat 2015-04-01 10:02 - 2012-08-20 17:01 - 00155826 _____ () C:\Windows\system32\perfc007.dat 2015-04-01 10:02 - 2012-08-20 16:54 - 00660514 _____ () C:\Windows\system32\perfh00C.dat 2015-04-01 10:02 - 2012-08-20 16:54 - 00127650 _____ () C:\Windows\system32\perfc00C.dat 2015-04-01 10:02 - 2012-07-26 09:28 - 03964584 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-04-01 09:51 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\PolicyDefinitions 2015-03-31 11:49 - 2012-07-26 07:37 - 00000000 ____D () C:\Windows\servicing 2015-03-31 11:43 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2015-03-31 11:43 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2015-03-31 11:43 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2015-03-31 11:43 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2015-03-31 11:43 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\WinStore 2015-03-31 11:43 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\SysWOW64\ar-SA 2015-03-31 11:43 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\ar-SA 2015-03-31 11:43 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files\Windows Defender 2015-03-31 11:43 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender 2015-03-31 11:40 - 2012-07-26 10:12 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories 2015-03-31 11:40 - 2012-07-26 09:52 - 00000000 ____D () C:\Program Files\Windows Journal 2015-03-31 11:38 - 2012-07-26 10:12 - 00000000 ___RD () C:\Windows\ToastData 2015-03-31 11:37 - 2012-07-26 07:38 - 00000000 ____D () C:\Windows\system32\oobe 2015-03-31 10:29 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\BBI 2015-03-29 19:01 - 2012-08-20 17:39 - 00000000 ____D () C:\Windows\SysWOW64\es 2015-03-29 19:01 - 2012-08-20 17:01 - 00000000 ____D () C:\Windows\SysWOW64\de 2015-03-29 19:01 - 2012-08-20 16:54 - 00000000 ____D () C:\Windows\SysWOW64\fr 2015-03-29 18:59 - 2012-08-20 17:39 - 00000000 ____D () C:\Windows\system32\es 2015-03-29 18:59 - 2012-08-20 17:22 - 00000000 ____D () C:\Windows\system32\ar 2015-03-29 18:59 - 2012-08-20 17:01 - 00000000 ____D () C:\Windows\system32\de 2015-03-29 18:59 - 2012-08-20 16:54 - 00000000 ____D () C:\Windows\system32\fr 2015-03-29 18:13 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\AUInstallAgent 2015-03-29 18:01 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared 2015-03-29 16:35 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\rescache 2015-03-29 16:12 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\SysWOW64\migwiz 2015-03-29 16:12 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files\Windows Photo Viewer 2015-03-29 16:12 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer 2015-03-29 16:12 - 2012-07-26 09:49 - 00000000 ____D () C:\Windows\SysWOW64\winrm 2015-03-29 16:12 - 2012-07-26 07:38 - 00000000 ____D () C:\Windows\SysWOW64\oobe 2015-03-29 16:11 - 2012-08-20 16:54 - 00000000 ____D () C:\Windows\SysWOW64\XPSViewer 2015-03-29 16:11 - 2012-07-26 10:12 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel 2015-03-29 16:11 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\SysWOW64\MUI 2015-03-29 16:11 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\SysWOW64\Com 2015-03-29 16:11 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\migwiz 2015-03-29 16:11 - 2012-07-26 09:49 - 00000000 ____D () C:\Windows\SysWOW64\WCN 2015-03-29 16:11 - 2012-07-26 09:49 - 00000000 ____D () C:\Windows\SysWOW64\sysprep 2015-03-29 16:11 - 2012-07-26 09:49 - 00000000 ____D () C:\Windows\SysWOW64\slmgr 2015-03-29 16:11 - 2012-07-26 09:49 - 00000000 ____D () C:\Windows\SysWOW64\Printing_Admin_Scripts 2015-03-29 16:11 - 2012-07-26 09:49 - 00000000 ____D () C:\Windows\system32\winrm 2015-03-29 16:11 - 2012-07-26 07:38 - 00000000 ____D () C:\Windows\SysWOW64\Dism 2015-03-29 16:09 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\SystemResetPlatform 2015-03-29 16:09 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\Com 2015-03-29 16:09 - 2012-07-26 09:49 - 00000000 ____D () C:\Windows\system32\WCN 2015-03-29 16:09 - 2012-07-26 09:49 - 00000000 ____D () C:\Windows\system32\slmgr 2015-03-29 16:09 - 2012-07-26 09:49 - 00000000 ____D () C:\Windows\system32\Printing_Admin_Scripts 2015-03-29 16:09 - 2012-07-26 07:38 - 00000000 ____D () C:\Windows\system32\Sysprep 2015-03-29 16:09 - 2012-07-26 07:38 - 00000000 ____D () C:\Windows\system32\Dism 2015-03-29 16:08 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files\Common Files\System 2015-03-29 16:03 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\MUI 2015-03-29 12:56 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM 2015-03-27 09:34 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\Help 2015-03-27 02:38 - 2012-07-26 10:13 - 00262144 _____ () C:\Windows\system32\config\BCD-Template 2015-03-26 18:16 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\NDF 2015-03-26 18:11 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\restore 2015-03-26 17:41 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\Recovery 2015-03-26 17:41 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files\Windows NT 2015-03-26 17:41 - 2012-07-26 07:37 - 00000000 __RHD () C:\Users\Default 2015-03-04 23:24 - 2012-07-26 10:14 - 00791496 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-03-04 23:24 - 2012-07-26 10:14 - 00177608 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl Some content of TEMP: ==================== C:\Users\Stefsl\AppData\Local\Temp\AtpTimerInfo.dll C:\Users\Stefsl\AppData\Local\Temp\avgnt.exe C:\Users\Stefsl\AppData\Local\Temp\gu5setup.exe C:\Users\Stefsl\AppData\Local\Temp\Quarantine.exe C:\Users\Stefsl\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-03-26 17:39 ==================== End Of Log ============================ Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by Stefsl at 2015-04-02 08:32:04
Running from C:\Users\Stefsl\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.134 - Adobe Systems Incorporated)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 15.0.8.656 - Avira)
CCleaner (HKLM\...\CCleaner) (Version: 5.04 - Piriform)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{941DE69D-6CEE-4171-8F1F-3D7E352AA498}) (Version: 1.0.6.1 - Hewlett-Packard Company)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6496.0 - IDT)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.18.10.3324 - Intel Corporation)
Malwarebytes Anti-Malware Version 2.1.4.1018 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Mozilla Firefox 36.0.4 (x86 de) (HKLM-x32\...\Mozilla Firefox 36.0.4 (x86 de)) (Version: 36.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 36.0.4 - Mozilla)
Mozilla Thunderbird 31.5.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.5.0 (x86 de)) (Version: 31.5.0 - Mozilla)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.18.8 - Synaptics Incorporated)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
26-03-2015 18:11:02 Installed HP Wireless Button Driver.
29-03-2015 11:43:53 Installed HP Wireless Button Driver.
31-03-2015 10:08:38 Konfiguriert Power2Go
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {19B9FB64-E248-4948-B84B-D6CDB7517945} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-03-13] (Piriform Ltd)
Task: {906C691B-8CC3-4333-90DF-D44C42128DB3} - System32\Tasks\{CC7C9611-5C17-47C3-A455-082E315393D6} => pcalua.exe -a C:\Users\Stefsl\AppData\Roaming\SpeedMon\speedmon.exe -c /uninstall
Task: {A7624BA9-F64D-45A9-8B1B-25761A5E6E40} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-02-26] (Microsoft Corporation)
Task: {AC3A1745-ED73-4304-9363-B372FE903465} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-03-29] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (whitelisted) ==============
2015-03-12 17:22 - 2015-03-12 17:22 - 00085504 _____ () C:\Users\Stefsl\AppData\Local\CopyEditor\CopyEditor.exe
2015-03-12 17:22 - 2015-03-12 17:22 - 01052160 _____ () C:\Users\Stefsl\AppData\Local\CopyEditor\CopyEditor_run.exe
2015-03-13 15:54 - 2015-03-13 15:54 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2015-03-12 17:22 - 2015-03-12 17:22 - 02208256 _____ () C:\Users\Stefsl\AppData\Local\CopyEditor\CopyEditor_run.dll
2015-03-12 17:22 - 2015-03-12 17:22 - 01827328 _____ () C:\Users\Stefsl\AppData\Local\CopyEditor\spcu.dll
2015-03-26 18:22 - 2015-03-26 18:22 - 00509120 _____ () C:\Users\Stefsl\AppData\Local\CopyEditor\rgbh\cczvvuph.dll
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3556418851-3596716294-175366706-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Stefsl\Pictures\generation ws.jpg
DNS Servers: 192.168.178.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== Accounts: =============================
Administrator (S-1-5-21-3556418851-3596716294-175366706-500 - Administrator - Disabled)
Gast (S-1-5-21-3556418851-3596716294-175366706-501 - Limited - Disabled)
Stefsl (S-1-5-21-3556418851-3596716294-175366706-1001 - Administrator - Enabled) => C:\Users\Stefsl
==================== Faulty Device Manager Devices =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: PCI-Gerät
Description: PCI-Gerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: High Definition Audio-Gerät
Description: High Definition Audio-Gerät
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: HdAudAddService
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (04/01/2015 10:28:00 AM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: Der Desktopfenster-Manager hat einen schwerwiegenden Fehler (0x8898008d) festgestellt.
Error: (04/01/2015 09:56:23 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2115-03-08T07:56:23Z. Fehlercode: 0x800706BA.
Error: (04/01/2015 09:56:22 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: lsass.exe, Version: 6.2.9200.16384, Zeitstempel: 0x50108ab2
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.2.9200.16384, Zeitstempel: 0x5010acd2
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000001c90c
ID des fehlerhaften Prozesses: 0x238
Startzeit der fehlerhaften Anwendung: 0xlsass.exe0
Pfad der fehlerhaften Anwendung: lsass.exe1
Pfad des fehlerhaften Moduls: lsass.exe2
Berichtskennung: lsass.exe3
Vollständiger Name des fehlerhaften Pakets: lsass.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: lsass.exe5
Error: (04/01/2015 09:55:52 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: services.exe, Version: 6.2.9200.16384, Zeitstempel: 0x5010abe7
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.2.9200.16384, Zeitstempel: 0x5010acd2
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000001c90c
ID des fehlerhaften Prozesses: 0x230
Startzeit der fehlerhaften Anwendung: 0xservices.exe0
Pfad der fehlerhaften Anwendung: services.exe1
Pfad des fehlerhaften Moduls: services.exe2
Berichtskennung: services.exe3
Vollständiger Name des fehlerhaften Pakets: services.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: services.exe5
Error: (04/01/2015 09:49:30 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: services.exe, Version: 6.2.9200.16384, Zeitstempel: 0x5010abe7
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.2.9200.16384, Zeitstempel: 0x5010acd2
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000001c90c
ID des fehlerhaften Prozesses: 0x238
Startzeit der fehlerhaften Anwendung: 0xservices.exe0
Pfad der fehlerhaften Anwendung: services.exe1
Pfad des fehlerhaften Moduls: services.exe2
Berichtskennung: services.exe3
Vollständiger Name des fehlerhaften Pakets: services.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: services.exe5
Error: (04/01/2015 08:38:43 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_893961408605e985.manifest.
Error: (04/01/2015 08:38:42 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_893961408605e985.manifest.
Error: (04/01/2015 08:38:38 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_893961408605e985.manifest.
Error: (04/01/2015 08:37:35 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_893961408605e985.manifest.
System errors:
=============
Error: (04/02/2015 08:17:52 AM) (Source: NetBT) (EventID: 4321) (User: )
Description: Der Name "WS-1974 :20" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.178.27
registriert werden. Der Computer mit IP-Adresse 192.168.178.25 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.
Error: (04/02/2015 08:17:52 AM) (Source: NetBT) (EventID: 4321) (User: )
Description: Der Name "WS-1974 :0" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.178.27
registriert werden. Der Computer mit IP-Adresse 192.168.178.25 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.
Error: (04/02/2015 08:17:52 AM) (Source: Server) (EventID: 2505) (User: )
Description: Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht \Device\NetBT_Tcpip_{BFD5994C-F8F7-4F0F-8D76-B81DDB2EAB60} vom Serverdienst nicht gebunden werden. Der Serverdienst konnte nicht gestartet werden.
Error: (04/01/2015 10:27:52 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst NlaSvc erreicht.
Error: (04/01/2015 09:57:23 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 01.04.2015 um 09:52:04 unerwartet heruntergefahren.
Error: (04/01/2015 09:52:04 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 01.04.2015 um 09:12:40 unerwartet heruntergefahren.
Error: (04/01/2015 08:31:17 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (04/01/2015 08:31:17 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "MBAMService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (04/01/2015 08:31:17 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "MBAMScheduler" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (04/01/2015 08:31:17 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "CopyEditor Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Microsoft Office Sessions:
=========================
Error: (04/01/2015 10:28:00 AM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: 0x8898008d
Error: (04/01/2015 09:56:23 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: 0x800706BA2115-03-08T07:56:23Z
Error: (04/01/2015 09:56:22 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: lsass.exe6.2.9200.1638450108ab2ntdll.dll6.2.9200.163845010acd2c0000005000000000001c90c23801d06c50bbd41c23C:\Windows\system32\lsass.exeC:\Windows\SYSTEM32\ntdll.dll96328162-d844-11e4-be77-28e3478ddf62
Error: (04/01/2015 09:55:52 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: services.exe6.2.9200.163845010abe7ntdll.dll6.2.9200.163845010acd2c0000005000000000001c90c23001d06c50bbd41c23C:\Windows\system32\services.exeC:\Windows\SYSTEM32\ntdll.dll84795a20-d844-11e4-be77-28e3478ddf62
Error: (04/01/2015 09:49:30 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: services.exe6.2.9200.163845010abe7ntdll.dll6.2.9200.163845010acd2c0000005000000000001c90c23801d06c459f3dedd5C:\Windows\system32\services.exeC:\Windows\SYSTEM32\ntdll.dlla050f1cf-d843-11e4-be76-28e3478ddf62
Error: (04/01/2015 08:38:43 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_893961408605e985.manifestC:\Users\Stefsl\Desktop\esetsmartinstaller_deu.exe
Error: (04/01/2015 08:38:42 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_893961408605e985.manifestC:\Users\Stefsl\Desktop\esetsmartinstaller_deu.exe
Error: (04/01/2015 08:38:38 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_893961408605e985.manifestC:\Users\Stefsl\Desktop\esetsmartinstaller_deu.exe
Error: (04/01/2015 08:37:35 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_893961408605e985.manifestC:\Users\Stefsl\Desktop\esetsmartinstaller_deu.exe
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-4200M CPU @ 2.50GHz
Percentage of memory in use: 66%
Total physical RAM: 3977.11 MB
Available physical RAM: 1346.08 MB
Total Pagefile: 7561.11 MB
Available Pagefile: 4720.91 MB
Total Virtual: 8192 MB
Available Virtual: 8191.78 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.42 GB) (Free:424.56 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: C9AB906E)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.4 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Code:
ATTFilter GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-04-02 09:04:48
Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\0000003d ST500LM012_HN-M500MBB rev.2BA30001 465,76GB
Running: Gmer-19357.exe; Driver: C:\Users\Stefsl\AppData\Local\Temp\fwdoqpog.sys
---- User code sections - GMER 2.1 ----
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2076] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306 000007fa2152177a 4 bytes [52, 21, FA, 07]
.text C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2076] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314 000007fa21521782 4 bytes [52, 21, FA, 07]
.text C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[760] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306 000007fa2152177a 4 bytes [52, 21, FA, 07]
.text C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE[760] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314 000007fa21521782 4 bytes [52, 21, FA, 07]
---- Threads - GMER 2.1 ----
Thread C:\Windows\system32\csrss.exe [2940:2108] fffff960008385e8
---- Processes - GMER 2.1 ----
Process C:\Users\Stefsl\AppData\Local\CopyEditor\CopyEditor.exe (*** suspicious ***) @ C:\Users\Stefsl\AppData\Local\CopyEditor\CopyEditor.exe [1876](2015-03-12 15:22:00) 0000000000ef0000
Process C:\Users\Stefsl\AppData\Local\CopyEditor\CopyEditor_run.exe (*** suspicious ***) @ C:\Users\Stefsl\AppData\Local\CopyEditor\CopyEditor_run.exe [1536](2015-03-12 15:22:02) 0000000000ad0000
Library C:\Users\Stefsl\AppData\Local\CopyEditor\CopyEditor_run.dll (*** suspicious ***) @ C:\Users\Stefsl\AppData\Local\CopyEditor\CopyEditor_run.exe [1536](2015-03-12 15:22:00) 0000000073200000
Library C:\Users\Stefsl\AppData\Local\CopyEditor\spcu.dll (*** suspicious ***) @ C:\Users\Stefsl\AppData\Local\CopyEditor\CopyEditor_run.exe [1536](2015-03-12 15:22:04) 0000000070680000
---- Registry - GMER 2.1 ----
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Kernel\RNG@RNGAuxiliarySeed -1168285059
Reg HKLM\SYSTEM\CurrentControlSet\Control\Winlogon\Notifications\Components\TrustedInstaller@Events
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\28e3478ddf62
Reg HKLM\SYSTEM\CurrentControlSet\Services\TrustedInstaller@Start 3
Reg HKLM\SYSTEM\CurrentControlSet\Services\TrustedInstaller
---- EOF - GMER 2.1 ----
|
| Themen zu Search.Safefinder.com - Bekomme ich nicht weg. |
| .com, adware, antivir, antivirus, avast, avira, browser, computer, cpu, defender, device driver, failed, fehler, firefox, flash player, homepage, installation, mozilla, registry, scan, security, services.exe, software, svchost.exe, system, windows |
Baum-Darstellung